• ssh密钥讲解


    我们用ssh连接机器时候需要输用户名、密码,但是直接写账户文件的时候由于用的是明文,就存在安全的问题了。别人一旦截取了数据就获得了隐私了。这时候就用上ssh的密钥。

    ssh的密钥存是成对出现的,一个叫公钥,一个是私钥。公钥是给别人的,私钥存在自己手里。在连接的时候两把钥匙配对成功,就可以建立数据连接。

    [root@localhost ~]# ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa): 
    Created directory '/root/.ssh'.
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /root/.ssh/id_rsa.这个就是私钥的存储路径
    Your public key has been saved in /root/.ssh/id_rsa.pub.这个是公钥
    The key fingerprint is:
    SHA256:uRVPB4eYb3mXG7j7BcIeOEG83TSS7ApCzyDdU5P1abE root@localhost.localdomain
    The key's randomart image is:
    +---[RSA 2048]----+
    |     . . o+*ooo  |
    |    . + o.=.=+o+ |
    |     o + .o=.=E..|
    |      . +..B*+oo.|
    |       .S.+o=.o.o|
    |         o.o + o |
    |        .   . . .|
    |             .  .|
    |              .. |
    +----[SHA256]-----+

    我们在看看这对密钥

    [root@localhost ~]# cat /root/.ssh/id_rsa
    -----BEGIN RSA PRIVATE KEY-----
    MIIEpAIBAAKCAQEA4oRNlaIoefdsSuYmoLUdV7C2JtzKv6hd6UsC1FUEFfgjn/SV
    5StzkVqnOWwEed77WOwW2my+n7pW6G3AyXtPAgrdih7Jpn6RG0AW3D0tkOlLN2/j
    L3znlfsqGpQ63hBPRPjSswmCMILfRhOnY+KbsAEmeClcQIjUEsljomSMS2BT+zTZ
    HyI1QLTdeET/DKxSrOcQPy+qNSSma7dAGDINNT8CVC7tdj62PVj1vgJ/lXJeTR79
    wh0aKHuBfTp9zqBDVQRzAhjX4I3xBTwKh+tgdSrX55ltQqhxA0KaqvoB2ZCG5VuE
    6U4XI8DUUEDtBY+AmCSUtWH+bDMwOI5ooNdL5wIDAQABAoIBAQCwO/lU+wX85sjF
    eU0Cagc7S4xcrhm8hdUTBj5cTwzPvvCQqa3Z0DWpGFvUrDrLSvZJV93r8QFaqpKl
    YYbF+38b+rIknRGMzRo+ll1y2tJR1YCk0BN0xfw0T2aRqVQno47Y/bKIg1RcQ+ZM
    0kvAxfUVOb/ha2SP/STqvO8c0Jfqp78pwsEiT8BCRPERsFJR6E2QSjWJQu2QPRO+
    Q51tHTVdzi4Z2jXjwbh/SwpKbK0zEsEa625RSocZXciT+b3IUYIZj0my0+Kmx6cE
    cO5tZqxL3FE0NUQaGHhs3NCscoqb/oigRvNMxHY+9kP9+voI7GZGgf4lYZWO9FId
    njjYc6q5AoGBAP/RnTw9SKLlHAa7ID8ThDe0BOIQKwPlyOKrV114MKbceuTHbdBc
    NopzFF2Sg6MrCrgjyTvu9ymBcoHYNx0DdZQitI9cFLfD/7tgLmHCFBqxnc0aVmgg
    9qGJ2hW3hM8lHK6mCCzdqlYF7R0UdkcoI6Cw5uznAKDE3Miesj7qyFZNAoGBAOKt
    YDCgMeSRBWy0Jkf6RKP+cUvLGBNZOIyz8QerRhNN8FAjXQwun6yUrzdEq2GgOM4c
    3GQKKSLikOn8jWczIPPA8/WIGEqIdWscDx2tjOCf2IID9bmWp1mIEo/66t9rQpqL
    RUnCDC388aY7ddvAo/6yFd+PHvj3TXuJ2jPZfe0DAoGANszZaOkb4UFBErQNQVXV
    8fTPQvoBrPERanUX3v77NRNwBAgwnvzR9jCWwUC8kDyNLEsGNZ+INMz1EZmWnNF7
    44LXuQoZqhADfUkqRmjD08AOtLwanG3LR2l3XUWV3qXtkgAhKjNF5O2aEKusdqvD
    jg23OjJ18Pqa7SMJve6fgdUCgYBytOGUObyFuY1RMOieS9soUb3raN7KC8A+E2DJ
    TLatVidhpkOTwpQytRrlkO5Y/MdCJgCw7yNZ7+T9QzwbGRh3wRCzEyeXr+4bQZu0
    nPpJQRpC0NYsEDynZeBe086/OHv/0LJDXNrk+rceM8C0b4uNe3juJHK78glXlq7A
    xjKfGQKBgQDIOERmoRikK4qihhp6eKaVL8slCKNc+qxBhAWTr6Da4lfXrd8GkiNR
    WPH4ZNHlIq6Cv8qZaypqdkrw9CsIHYDPQ3gSj/C3PMmXU24f6c2LkEhauOInK+22
    qHHJv0blEfQWIs5Uj0yJC5qetGxyT+6n7kTdxgKzXteTX8ltDtvJqg==
    -----END RSA PRIVATE KEY-----
    [root@localhost ~]# 
    [root@localhost ~]# cat /root/.ssh/id_rsa.pub 
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDihE2Voih592xK5iagtR1XsLYm3Mq/qF3pSwLUVQQV+COf9JXlK3ORWqc5bAR53vtY7BbabL6fulbobcDJe08CCt2KHsmmfpEbQBbcPS2Q6Us3b+MvfOeV+yoalDreEE9E+NKzCYIwgt9GE6dj4puwASZ4KVxAiNQSyWOiZIxLYFP7NNkfIjVAtN14RP8MrFKs5xA/L6o1JKZrt0AYMg01PwJULu12PrY9WPW+An+Vcl5NHv3CHRooe4F9On3OoENVBHMCGNfgjfEFPAqH62B1KtfnmW1CqHEDQpqq+gHZkIblW4TpThcjwNRQQO0Fj4CYJJS1Yf5sMzA4jmig10vn root@localhost.localdomain
    [root@localhost ~]# 

     我们现在启动两台linux,用户名分别是user_on_1和user_on_2

    可以看到各自的ip和用户名。现在我们在user1上用ssh登陆user2

    [user_on_1@localhost ~]$ ssh user_on_2@192.168.233.130

    其实在IP后面应该还有个-p端口号,这里省略了。

    发现是需要输入登陆密码的,不是我们要的结果。我们在user1的/etc/.ssh文件夹下查找authorized_keys这个文件,把use2的公钥放进去,重新登陆,应该就没问题了!

    对了,要把.ssh文件夹的权限改成700,authorized_keys的权限改为600

    chmod 700 .ssh
    chmod 600 authorized_keys

    ps:我这里说的是应该,因为我也没成功,网上查的资料说StrictModes设置有问题,改了依旧没成功,先记下来,随着Linux的学习留给以后解决吧——20190118.

  • 相关阅读:
    2019-06-09 学习日记 day30 JS
    2019-06-08 学习日记 day29 CSS
    2019-06-07 学习日记 day28 THML
    2019-06-06 Java学习日记 day27 反射
    2019-06-05 Java学习日记 day26 网络编程
    2019-06-04 Java学习日记 day25 多线程下
    Linux安装Nginx
    Linux安装MySQL
    Linux安装Redis
    Java Swing实战(五)表格组件JTable(1)
  • 原文地址:https://www.cnblogs.com/yinsedeyinse/p/10289496.html
Copyright © 2020-2023  润新知